Difference between revisions of "WAD files"
m (i'm too slow....) |
(clarified info just in case (oh, and yay edit conflict!)) |
||
| Line 2: | Line 2: | ||
The data within a WAD file has the following format. | The data within a WAD file has the following format. | ||
| − | |||
| − | |||
=== Header === | === Header === | ||
| Line 104: | Line 102: | ||
| style="border: 1px solid #ccc; padding: 0.2em; background-color: #edd;" | First 8 bytes of IV for title key decryption (last 8 bytes are zero) | | style="border: 1px solid #ccc; padding: 0.2em; background-color: #edd;" | First 8 bytes of IV for title key decryption (last 8 bytes are zero) | ||
|} | |} | ||
| + | |||
| + | To obtain the title key, simply decrypt it using the master key and the given IV (last eight bytes zero, first eight bytes supplied). | ||
Note: this is probably part of the TMD/ticket/whatever. I'm throwing the offsets here for now, since this is arguably the most important part for extraction purposes. | Note: this is probably part of the TMD/ticket/whatever. I'm throwing the offsets here for now, since this is arguably the most important part for extraction purposes. | ||
Revision as of 20:59, 23 January 2008
WAD Format
The data within a WAD file has the following format.
Header
| Start | End | Length | Description |
| 0x000 | 0x003 | 4 | ?? Header size = 0x0020 |
| ... | ... | ... | ... |
Chain of Certificates
| Start | End | Length | Description |
| 0x040 | 0x043 | 4 | signature type (0x00010001 RSA2048, 0x00010000 RSA4096) |
| 0x044 | 0x143 | 256 for RSA2048 (d=0x000), 512 for RSA4096 (d=0x100) | signature |
| 0x144+d | 0x17F+d | 60 | zero filled |
| 0x180+d | 0x1BF+d | 64 | issuer |
| 0x1C0+d | 0x1C3+d | 4 | ? subject type (0x00000000, 0x00000001) |
| 0x1C4+d | 0x203+d | 64 | subject |
| 0x204+d | 0x307+d | 260 | ? public key |
| 0x308+d | 0x30B+d | 4 | ?? unknown (0x00010001) |
| 0x30C+d | 0x33F+d | 52 | zero filled |
| ... | ... | ... | ... |
Key and IV
| Start | End | Length | Description |
| 0x0bff | 0x0c0e | 0x0010 | Encrypted title key (decrypt using the master key) |
| 0x0c1c | 0x0c23 | 0x0008 | First 8 bytes of IV for title key decryption (last 8 bytes are zero) |
To obtain the title key, simply decrypt it using the master key and the given IV (last eight bytes zero, first eight bytes supplied).
Note: this is probably part of the TMD/ticket/whatever. I'm throwing the offsets here for now, since this is arguably the most important part for extraction purposes.
File Table
WAD files contain a number of "files" in them. The number of files can be obtained from the halfword (2 bytes) at 0xede. The table itself starts at 0xee4, and it is composed of a number of file entries:
| Start | End | Length | Description |
| 0x00 | 0x03 | 0x04 | File number / ID |
| 0x04 | 0x05 | 0x02 | First 2 bytes of IV to decrypt contents (last 14 bytes are zero) |
| 0x06 | 0x07 | 0x02 | Flags ? |
| 0x08 | 0x0B | 0x04 | Padding (zero) |
| 0x0C | 0x0F | 0x04 | File size |
| 0x10 | 0x24 | 0x14 | SHA-1 sum of decrypted file |
The files are located after the file table, with their starts aligned to a 64 byte boundary. To read a file, skip bytes until the next 64 byte boundary (unless already at one), read the File size bytes rounded to the next 16 bytes (the AES block size), decrypt using AES (using the title key and the IV in the file table entry plus 14 zero bytes), and take filesize bytes from the result to create the output file. The SHA-1 sum of this should match the one in the file table.